Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

new HijackThis log(is issue resolved)


  • This topic is locked This topic is locked

#1
out of my league

out of my league

    Member

  • Member
  • PipPip
  • 24 posts
I had a Cryp_Tap-2 vundo virus and was directed to run fixwareout followed by combofix and then post the logs. Can anyone tell me if they see any existing problems and any corrections that should be taken



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:25:45 PM, on 3/5/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe



ComboFix 08-03-05.1 - Aaron 2008-03-05 16:08:24.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.176 [GMT -5:00]
Running from: C:\Documents and Settings\Aaron\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Helper
C:\Program Files\Helper\1204508568.dll
C:\WINDOWS\system32\ljjheed.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\pqtss.ini
C:\WINDOWS\system32\pqtss.ini2
C:\WINDOWS\system32\sstqp.dll

.
((((((((((((((((((((((((( Files Created from 2008-02-05 to 2008-03-05 )))))))))))))))))))))))))))))))
.

2008-03-05 15:45 . 2008-03-05 15:55 <DIR> d-------- C:\fixwareout
2008-03-04 23:59 . 2008-03-04 23:59 <DIR> d-------- C:\Program Files\Trend Micro
2008-03-04 22:35 . 2008-03-04 22:35 <DIR> d-------- C:\VundoFix Backups
2008-03-04 21:34 . 2008-03-04 21:34 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-03-03 16:30 . 2008-03-03 16:30 2 --a------ C:\WINDOWS\msoffice.ini
2008-03-03 15:06 . 2008-03-03 15:31 <DIR> d-------- C:\Program Files\eBoostr
2008-03-03 15:06 . 2008-03-05 16:19 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\eboostr
2008-03-02 20:07 . 2008-03-02 20:07 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-03-02 19:54 . 2008-03-02 19:54 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Avanquest
2008-03-02 19:53 . 2008-03-02 19:53 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BVRP Software
2008-03-02 19:52 . 2008-03-02 19:52 <DIR> dr-hs---- C:\_Backup.RC
2008-03-02 19:52 . 2008-03-04 22:03 <DIR> d--h----- C:\_Backup
2008-03-02 19:49 . 2008-03-02 19:49 <DIR> d-------- C:\Documents and Settings\Aaron\Application Data\Avanquest
2008-03-02 19:48 . 2008-03-02 19:48 <DIR> d-------- C:\Program Files\Avanquest
2008-03-02 19:21 . 2008-03-02 19:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2008-02-22 12:47 . 2008-03-02 19:06 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-02-22 12:33 . 2008-03-02 19:26 <DIR> d-------- C:\Program Files\Wise Registry Cleaner
2008-02-22 02:34 . 2008-02-22 02:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-02-22 00:36 . 2008-02-22 09:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-02-22 00:08 . 2008-02-22 00:08 <DIR> d-------- C:\Program Files\Hawking
2008-02-22 00:08 . 2005-10-28 11:38 402,432 --a------ C:\WINDOWS\system32\drivers\ZD1211BU.sys
2008-02-22 00:08 . 2004-01-14 11:25 81,920 --a------ C:\WINDOWS\system32\ZDPN50.DLL
2008-02-22 00:08 . 2005-03-18 15:35 31,744 --a------ C:\WINDOWS\system32\drivers\ZDPSp50a64.sys
2008-02-22 00:08 . 2005-06-08 18:44 29,184 --a------ C:\WINDOWS\system32\drivers\BRGSp50a64.sys
2008-02-22 00:08 . 2004-03-23 16:38 28,672 --a------ C:\WINDOWS\system32\InsDrvZD.dll
2008-02-22 00:08 . 2003-03-14 12:24 24,576 --a------ C:\WINDOWS\system32\ZyDelReg.exe
2008-02-22 00:08 . 2005-06-08 18:44 20,608 --a------ C:\WINDOWS\system32\drivers\BRGSp50.sys
2008-02-22 00:08 . 2004-10-25 13:40 17,664 --a------ C:\WINDOWS\system32\drivers\ZDPSp50.sys
2008-02-22 00:08 . 2004-01-14 11:30 17,151 --a------ C:\WINDOWS\system32\ZDPNDIS5.SYS
2008-02-22 00:08 . 2005-07-12 14:44 15,872 --a------ C:\WINDOWS\system32\InsDrvZD64.DLL
2008-02-21 23:18 . 2008-02-21 23:20 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-21 23:16 . 2008-03-02 20:43 <DIR> d-------- C:\Program Files\NetProject
2008-02-19 15:22 . 2008-02-19 15:22 <DIR> d-------- C:\Documents and Settings\Aaron\Application Data\vlc

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-05 21:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\DIGStream
2008-03-03 21:46 --------- d-----w C:\Program Files\FlashGet
2008-03-03 21:32 --------- d-----w C:\Program Files\Common Files\AOL
2008-03-03 21:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2008-03-03 21:31 --------- d-----w C:\Documents and Settings\Administrator\Application Data\AOL
2008-03-03 21:31 --------- d-----w C:\Documents and Settings\Aaron\Application Data\AOL
2008-03-03 00:43 --------- d-----w C:\Program Files\Symantec
2008-03-03 00:43 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-03-03 00:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-02-22 17:12 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-22 17:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Napster
2008-02-02 17:19 --------- d-----w C:\Program Files\Notebook Maximizer
2007-11-08 22:12 164 ----a-w C:\Documents and Settings\Aaron\Application Data\wklnhst.dat
2003-08-27 21:19 36,963 ----a-r C:\Program Files\Common Files\SM1updtr.dll
.

------- Sigcheck -------

b4e29943b4b04bd5e7381546848e6669 C:\WINDOWS\system32\drivers\tcpip.sys
----a-w 360,576 2006-04-20 12:18:35 C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
-c----w 359,040 2004-08-10 12:00:00 C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
-c----w 359,808 2006-04-20 11:51:50 C:\WINDOWS\system32\dllcache\tcpip.sys
----a-w 359,808 2006-04-20 11:51:50 C:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2003-09-05 05:24 65536]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 07:00 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:24 1694208]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-19 15:21 68856]
"AdwareAlert"="C:\Program Files\AdwareAlert\AdwareAlert.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 16:56 64512]
"SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 11:11 1388544]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2004-08-06 10:27 860160]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2004-03-24 00:40 196608]
"00THotkey"="C:\WINDOWS\system32\00THotkey.exe" [2004-06-28 19:24 258048]
"000StTHK"="000StTHK.exe" [2001-06-23 22:28 24576 C:\WINDOWS\system32\000StTHK.exe]
"TFNF5"="TFNF5.exe" [2004-06-28 12:16 73728 C:\WINDOWS\system32\TFNF5.exe]
"PadTouch"="C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" [2004-06-29 20:04 1077326]
"TosHKCW.exe"="C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe" [2002-09-09 17:07 49152]
"SmoothView"="C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2004-03-02 15:45 135168]
"TouchED"="C:\Program Files\TOSHIBA\TouchED\TouchED.Exe" [2003-01-21 20:00 126976]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-08-03 03:05 122939]
"Tvs"="C:\Program Files\Toshiba\Tvs\TvsTray.exe" [2004-09-03 11:25 73728]
"TPSMain"="TPSMain.exe" [2004-08-27 11:34 278528 C:\WINDOWS\system32\TPSMain.exe]
"TOSHIBA Picture Enhancement Utility"="C:\Program Files\TOSHIBA\TOSHIBA Picture Enhancement Utility\TosPEHK.exe" [2004-08-17 18:51 638976]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-08-23 03:33 7122944]
"nwiz"="nwiz.exe" [2005-08-23 03:33 1519616 C:\WINDOWS\system32\nwiz.exe]
"Pinger"="C:\TOSHIBA\IVP\ISM\pinger.exe" [2005-03-17 19:37 151552]
"LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [2003-09-05 20:16 184320]
"AGRSMMSG"="AGRSMMSG.exe" [2004-12-21 11:10 88358 C:\WINDOWS\agrsmmsg.exe]
"Notebook Maximizer"="C:\Program Files\Notebook Maximizer\maximizer_startup.exe" [2006-05-04 19:59 40960]
"DIGStream"="C:\Program Files\DIGStream\digstream.exe" [2005-05-18 17:49 282624]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-12-11 10:56 286720]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 03:00 132496]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 01:41 49152]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 12:10 267048]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-19 15:21 68856]

C:\Documents and Settings\Aaron\Start Menu\Programs\Startup\
Microsoft Office OneNote 2003 Quick Launch.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2005-03-17 17:06:14 59080]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2004-06-18 01:33:06 380928]
eBoostr Control Panel.lnk - C:\Program Files\eBoostr\eBoostrCP.exe [2007-12-18 08:06:02 274944]
Hawking Wireless Utility.lnk - C:\Program Files\Hawking\HWU8DD\HWU8DD.exe [2008-02-22 00:08:14 483328]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 03:21:22 288472]
RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [2004-08-27 16:56:06 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\TOSHIBA\\ivp\\NetInt\\Netint.exe"=
"C:\\TOSHIBA\\Ivp\\ISM\\pinger.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

R0 eBoost;eBoostr caching filter driver;C:\WINDOWS\system32\drivers\eBoost.sys [2007-12-18 08:06]
R2 EBOOSTRSVC;eBoostr Service;"C:\Program Files\eBoostr\EBstrSvc.exe" [2007-12-19 20:39]
R3 tosrfec;Bluetooth ACPI from TOSHIBA;C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2004-05-17 17:18]
R3 ttv200x;TOSHIBA PCI TV Tuner type W;C:\WINDOWS\system32\DRIVERS\ttv200x.sys [2004-09-07 22:16]
S3 MailScan;MailScan;C:\PROGRA~1\AVANQU~1\SYSTEM~1\MailScan.sys []
S3 ZD1211BU(Hawking);Hawking Hi-Gain Wireless-G USB Dish Adapter(Hawking);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 11:38]

.
Contents of the 'Scheduled Tasks' folder
"2008-03-05 20:44:05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-05 16:20:13
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
c:\TOSHIBA\Ivp\Swupdate\swupdtmr.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2008-03-05 16:22:48 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-05 21:22:31


C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\eBoostr\EBstrSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
c:\TOSHIBA\Ivp\Swupdate\swupdtmr.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\system32\00THotkey.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TOSHIBA Picture Enhancement Utility\TosPEHK.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\eBoostr\eBoostrCP.exe
C:\Program Files\Hawking\HWU8DD\HWU8DD.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\WINDOWS\explorer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myownstar...hibadirect.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [TosHKCW.exe] "C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe"
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TOSHIBA Picture Enhancement Utility] C:\Program Files\TOSHIBA\TOSHIBA Picture Enhancement Utility\TosPEHK.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [Pinger] C:\TOSHIBA\IVP\ISM\pinger.exe /run
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Notebook Maximizer] C:\Program Files\Notebook Maximizer\maximizer_startup.exe
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')
O4 - S-1-5-18 Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (User 'Default user')
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: eBoostr Control Panel.lnk = C:\Program Files\eBoostr\eBoostrCP.exe
O4 - Global Startup: Hawking Wireless Utility.lnk = C:\Program Files\Hawking\HWU8DD\HWU8DD.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.explorert...et/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.explorert...et/redirect.php (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O16 - DPF: {2042B57E-6336-459E-B7CE-2A0F6C9E6AF8} (IEPlayInterface Class) - file:///F:/win/setup/iaieplay.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1162128039313
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: eBoostr Service (EBOOSTRSVC) - Unknown owner - C:\Program Files\eBoostr\EBstrSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\Ivp\Swupdate\swupdtmr.exe

--
End of file - 11240 bytes
  • 0

Advertisements


#2
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Stop making multiple topics, you need to post it in your original topic here

http://www.geekstogo...or-t189956.html
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP